The Impact of User Account Control (UAC)


Perhaps the most notable change in Vista for developers is the introduction of User Account Control (UAC) and the tightening of application installation directories and their use. Visual DataFlex 2008 includes many changes to ensure that applications operate smoothly with UAC enabled on Vista.

Under User Account Control in Vista, every user effectively runs as a Standard User. Even Administrator accounts run as a Standard User with all of that account level’s restrictions. For an Administrator account to operate with its full rights (as would be expected on Windows XP, for example), its user account must be elevated with explicit consent. Only a program running as an elevated Administrator user has full Administrator rights.

Elevated Administrator rights are only achieved by explicitly marking a specific program as requiring elevated Administrator rights. When launching a program marked as such, you will be prompted with a special user interface dialog for the explicit user consent.

This UAC change, where Administrators effectively do not run with Administrator rights by default, combined with tightened security on commonly used file system directories, is by far the most common issue encountered when migrating applications to Vista. If your application does not require Administrator rights to operate properly in prior revisions of Windows, such as Windows XP, you can expect very few, if any, issues with UAC in Vista when you update to Visual DataFlex 2008. Nonetheless, it’s very important to understand the implications of UAC.

File and Registry Virtualization

For backwards compatibility, Vista employs a technique referred to as file and registry virtualization. This is used when programs that are not running with elevated Administrator rights try to modify protected files and registry keys. For database applications, file and registry virtualization should only be considered for temporary use since, in many cases, it can do more harm than good. For example, accidentally virtualizing database files would create local copies of the data for each user, such that changes made by one user cannot be seen by other users.
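To check whether data files have already been virtualized on a machine, the following added example (not part of the original document or of Visual DataFlex) scans each profile's VirtualStore directory, where Vista keeps redirected writes, and lists files that exist as per-user copies. The `.dat` extension, the ExampleApp path and the user names are assumptions constructed for illustration.

```python
import os
import tempfile


def find_virtualized_copies(users_root, extensions):
    """Map each virtualized data file to the users holding a private copy of it.

    users_root is the profile directory (C:\\Users on Vista); Vista redirects a
    legacy program's writes to <profile>\\AppData\\Local\\VirtualStore\\<original path>.
    """
    hits = {}
    for user in sorted(os.listdir(users_root)):
        store = os.path.join(users_root, user, "AppData", "Local", "VirtualStore")
        if not os.path.isdir(store):
            continue  # this user never triggered virtualization
        for dirpath, _dirs, files in os.walk(store):
            for name in files:
                if os.path.splitext(name)[1].lower() in extensions:
                    rel = os.path.relpath(os.path.join(dirpath, name), store)
                    hits.setdefault(rel.replace(os.sep, "\\"), []).append(user)
    return hits


def build_sample_profiles(root):
    """Constructed profile tree: alice and bob each hold their own copy of one table."""
    layout = {
        "alice": ["Program Files/ExampleApp/Data/customer.dat",
                  "Program Files/ExampleApp/readme.txt"],
        "bob": ["Program Files/ExampleApp/Data/customer.dat"],
    }
    for user, files in layout.items():
        for rel in files:
            path = os.path.join(root, user, "AppData", "Local", "VirtualStore", *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as handle:
                handle.write("constructed sample written by " + user)
    os.makedirs(os.path.join(root, "carol"))  # profile without a VirtualStore
    return root


def scan_sample():
    """Run the scan over the constructed tree (assumed data extension: .dat)."""
    with tempfile.TemporaryDirectory() as root:
        return find_virtualized_copies(build_sample_profiles(root), {".dat"})


if __name__ == "__main__":
    for path, users in scan_sample().items():
        print(path, "->", users)
```

A file listed for more than one user means each of them has been working on a separate copy of the same data.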

File and Registry Virtualization is only enabled for programs that are running in compatibility mode under Vista. All Visual DataFlex 2008 applications should explicitly have this feature disabled. This feature is automatically disabled for any new projects you create in Visual DataFlex 2008, with the appropriate markup in the program manifest file.

When you migrate an existing workspace to Visual DataFlex 2008 by running the migration wizard (which automatically occurs when you open a specific workspace for the first time in the latest version of Visual DataFlex), all your projects in that workspace are also automatically protected against File and Registry virtualization. The migration wizard automatically adds the appropriate markup to the existing program manifest files, and new manifest files are created for projects without existing manifest files.
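On Vista, the manifest markup that switches virtualization off is a `requestedExecutionLevel` element inside the manifest's `trustInfo` section. The added example below (not code from Visual DataFlex or its migration wizard) audits a manifest for that element and reports when the program will ask for elevation; both sample manifests are constructed.

```python
import xml.etree.ElementTree as ET

# trustInfo is declared in the asm.v2 or asm.v3 namespace, depending on the tool that wrote it.
TRUST_NAMESPACES = ("urn:schemas-microsoft-com:asm.v2", "urn:schemas-microsoft-com:asm.v3")
ELEVATION = {"asInvoker": "never",
             "highestAvailable": "if user is an administrator",
             "requireAdministrator": "always"}

# Constructed sample manifests (not taken from a Visual DataFlex project).
LEGACY_MANIFEST = """<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity version="1.0.0.0" name="Example.Legacy" type="win32"/>
</assembly>"""

UAC_AWARE_MANIFEST = """<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity version="1.0.0.0" name="Example.Orders" type="win32"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</assembly>"""


def audit_manifest(xml_text):
    """Report whether a manifest opts out of virtualization and when it asks for elevation."""
    root = ET.fromstring(xml_text)
    for ns in TRUST_NAMESPACES:
        element = root.find(".//{%s}requestedExecutionLevel" % ns)
        if element is not None:
            level = element.get("level")
            return {
                # A recognised level marks the program as UAC-aware: no virtualization.
                "virtualization_disabled": level in ELEVATION,
                "level": level,
                "elevation": ELEVATION.get(level, "unknown level"),
            }
    # No requestedExecutionLevel: Vista treats the program as legacy, so its writes
    # to protected locations can be virtualized.
    return {"virtualization_disabled": False, "level": None, "elevation": "never"}


if __name__ == "__main__":
    for name, text in (("legacy", LEGACY_MANIFEST), ("uac-aware", UAC_AWARE_MANIFEST)):
        print(name, audit_manifest(text))
```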

Changes in Visual DataFlex 2008 related to UAC

Changes for Developers

Many of the Vista UAC-related changes in Visual DataFlex 2008 are internal and/or related to Visual DataFlex tools and utilities such as the Studio and the WebApp Administrator. These changes ensure that you will have a smooth and consistent experience using the various development tools in Vista. Although these changes typically do not impact your application directly, knowing about them can still be very valuable when preparing your application for Windows Vista.

The most visible UAC related changes in Visual DataFlex 2008 relate to the installation layout and registry usage. For example, you will notice that the examples have been relocated and moved out of the general Visual DataFlex installation directory because, under Vista, it is not recommended to install files that are modified as part of normal application usage under the standard %ProgramFiles% directory. Modification to the %ProgramFiles% directory under Vista is normally restricted to elevated Administrator users.

For this reason the examples have been relocated to a place where all users are expected to be able to modify the files. This ensures that users can explore the examples as a Vista Standard User without elevated Administrator rights.

The Visual DataFlex 2008 Examples are located under the All Users (or Public) directory. This is to enable any user on the specific machine to access the Examples, just as any user on the machine can run the Studio. It is a common installation practice for an Administrator user to install the software, while a Standard user can only run the software. This way the Standard User still has full access to modify and explore the examples, while not having access to modify the installed software.

There are also some new functions and updated commands in Visual DataFlex 2008, dealing specifically with UAC:

  • The global function IsAdministrator returns whether the user is running with elevated Administrator privileges or not.
  • The RunProgram command has been updated with a new parameter, RunProgram Shell, which enables the UAC credential (user consent) prompt. When launching a program that is marked as requiring elevated Administrator rights, you must use RunProgram Shell to enable the UAC prompt. If you use RunProgram without the Shell parameter, the program will fail to launch correctly if the current program isn’t already running with elevated Administrator privileges.

Some operations in the Studio require elevated Administrator privileges; these include, but are not limited to:

  • Creating a new Web Application. This will create the IIS web share and configure the web application, which usually requires elevated Administrator privileges.
  • Debugging applications that are marked as requiring Administrator privileges.
  • System level configurations, such as global driver configurations.
  • Precompiling system packages.

The Studio has been updated to detect whenever such a situation occurs, and it will display a message telling you to restart the Studio with elevated Administrator privileges and try the operation again. Most of these situations are very rare and often considered administrator-level work. For this reason, it’s recommended that you only do this when absolutely required.

Except for these few occasions, which the Studio automatically informs you about, the Studio has been modified so that it can run with Standard User privileges both in Windows XP and Vista, without requiring elevated Administrator privileges.

Changes for Deployment

The most notable change in deployment with regard to Vista UAC is the creation of two new installation types: "Local Workstation" and "Network Accessible". When installing the Visual DataFlex Client Engine (deployment installation), there is a new required selection which specifies the type of installation. The type of installation mainly controls where the licensing files get installed.

Because of UAC and tighter control of security in Vista, the license files (termlist.cfg and .dfr files etc.) cannot be installed under the standard %ProgramFiles% directory, since elevated Administrator rights are required to modify files in this location.

Local Workstation Deployment

When selecting a Local Workstation type of installation, it’s assumed that the client engine is only used by this one particular machine, so the license files are installed under the standard Common_AppData directory (e.g. C:\Documents and Settings\All Users\Application Data). This ensures that all users on the specific machine can access the license files appropriately. This type of installation is appropriate only for single workstation installations. Network users will not be able to access the license files.

Summary:

  • Preferred deployment method for single machine access, such as single-user scenarios, or multi-user scenarios using Terminal Services/Citrix only.
  • Visual DataFlex installed under write protected folder %ProgramFiles%.
  • License files installed under standard Common_AppData directory.

Network Accessible Deployment

When selecting Network Accessible installation, it is assumed that the Client Engine will be shared by multiple users from multiple machines across a network. This is the most common type of deployment scenario for database applications. In this case you cannot install to the %ProgramFiles% directory; a directory that is accessible by network users must be selected. The license files will be installed into the Bin directory, and all application users must have access to modify files in this directory.

Summary:

  • Used in multi-user scenarios where multiple users from multiple machines access the Visual DataFlex application via Windows File Sharing.
  • Visual DataFlex installed into a shared directory with write access for all users.
  • License files installed at the same shared location in the Bin directory.

Download the complete "Preparing for Vista" document (PDF).